<?php if(!defined('XCENTER_ROOT')) exit('Access Denied');    
/**
 * Created by openXtiger.org.
 * User: xtiger
 * Date: 2009-5-11
 * Time: 16:08:21
 */
 include XCENTER_ROOT.'xcapi.mysqldriver.php';
/*public */function xmysql_get_user_by_uid($uid) {
    $db = new XCAPI_mysql_driver();
    $r = $db->fetch_first("SELECT * FROM ".xmysql_tname('members')." WHERE uid='$uid'");
    $db->close();
    return $r;
}
/*public */function xmysql_get_user_by_username($username) {
    $db = new XCAPI_mysql_driver();
    $r =  $db->fetch_first("SELECT * FROM ".xmysql_tname('members')." WHERE username='$username'");
    $db->close();
    return $r;
}
/*public */function xmysql_check_username($username) {
    $guestexp = '\xA1\xA1|\xAC\xA3|^Guest|^\xD3\xCE\xBF\xCD|\xB9\x43\xAB\xC8';
    $len = strlen($username);
    if($len > 15 || $len < 3 || preg_match("/\s+|^c:\\con\\con|[%,\*\"\s\<\>\&]|$guestexp/is", $username)) {
        return FALSE;
    } else {
        return TRUE;
    }
}
/*public */function xmysql_check_usernameexists($username) {
    $db = new XCAPI_mysql_driver();
    $data = $db->result_first("SELECT username FROM ".xmysql_tname('members')." WHERE username='$username'");
    $db->close();
    return $data;
}

/*public */function xmysql_check_emailformat($email) {
    return strlen($email) > 6 && preg_match("/^[\w\-\.]+@[\w\-\.]+(\.\w+)+$/", $email);
}
/*public */function xmysql_check_emailexists($email,  $username = '') {
    $db = new XCAPI_mysql_driver();
    $sqladd = $username !== '' ? "AND username<>'$username'" : '';
    $email = $db->result_first("SELECT email FROM  ".xmysql_tname('members')." WHERE email='$email' $sqladd");
    $db->close();
    return $email;
}
/*public */function xmysql_add_user($username, $password, $email, $uid = 0, $questionid = '', $answer = '') {
    $db = new XCAPI_mysql_driver();
    $salt = substr(uniqid(rand()), -6);
    $password = md5(md5($password).$salt);
    $sqladd = $uid ? "uid='".intval($uid)."'," : '';
    //$sqladd .= $questionid > 0 ? " secques='".$this->quescrypt($questionid, $answer)."'," : " secques='',";
    $db->query("INSERT INTO ".xmysql_tname('members')." SET $sqladd username='$username', password='$password', email='$email', regip='".xt_getip()."', regdate='".time()."', salt='$salt'");
    $uid = $db->insert_id();
    $db->close();
    return $uid;
}
/*public */function xmysql_edit_user($username, $oldpw, $newpw, $email = '', $ignoreoldpw = 0, $questionid = '', $answer = '') {
    $db = new XCAPI_mysql_driver();
    $data = $db->fetch_first("SELECT username, uid, password, salt FROM ".xmysql_tname('members')." WHERE username='$username'");

    if(!$ignoreoldpw && $data['password'] != md5(md5($oldpw).$data['salt'])) {
         $db->close();
        return -1;
    }

    $sqladd = $newpw ? "password='".md5(md5($newpw).$data['salt'])."'" : '';
    $sqladd .= $email ? ($sqladd ? ',' : '')." email='$email'" : '';
    /*if($questionid !== '') {
        if($questionid > 0) {
            $sqladd .= ($sqladd ? ',' : '')." secques='".$this->quescrypt($questionid, $answer)."'";
        } else {
            $sqladd .= ($sqladd ? ',' : '')." secques=''";
        }
    }*/
    if($sqladd) {
        $db->query("UPDATE ".xmysql_tname('members')." SET $sqladd WHERE username='$username'");
        $r = $db->affected_rows();
        $db->close();
        return $r;
    } else {
        return -7;
    }
}
/*public */function xmysql_delete_user($uidsarr) {
    //$db = new XCAPI_mysql_driver();
    $uidsarr = (array)$uidsarr;
    /*$uids = $this->base->implode($uidsarr);
    $arr = $this->db->fetch_all("SELECT uid FROM ".UC_DBTABLEPRE."protectedmembers WHERE uid IN ($uids)");
    $puids = array();
    foreach((array)$arr as $member) {
        $puids[] = $member['uid'];
    }
    $uids = $this->base->implode(array_diff($uidsarr, $puids));
    if($uids) {
        $this->db->query("DELETE FROM ".UC_DBTABLEPRE."members WHERE uid IN($uids)");
        $this->db->query("DELETE FROM ".UC_DBTABLEPRE."memberfields WHERE uid IN($uids)");
        $this->delete_useravatar($uidsarr);
        $this->base->load('note');
        $_ENV['note']->add('deleteuser', "ids=$uids");
        return $this->db->affected_rows();
    } else {
        return 0;
    }*/
}

function xmysql_tname($table) {
    return XCENTER_DBTABLEPRE.$table;
}
?>